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(57) Abstract: A trusted display (18) of a trusted 
authorization device (TAD) (10) displays on 
a trusted display (18) first information about a 
transaction to be authorized by a user (14) using 
a trusted keypad (20). The TAD (10) generates 
(208) a random number (R); generates (1210) 
second information from the first information, the 
random number (R) and a first identification code 
(TADID-A) of the TAD (10); generates (212) a 
signature of the second information using a first 
encryption process; egnerates (216) a set of session 
keys (Ksl, Ks2, Ks3) by a second encryption 
process responsive to the random number (R) and 
a set of stored working keys (K wl , K w2 , K w3 ); and 
generates (218) third information by encrypting 
the second information and the signature using a 
third encryption process responsive to the set of 
session keys (Ksl, Ks2, Ks3). A dat structure (42) 
is formed comprising the random numer (R), the 
first identification code (TADID-A), and the third 
information; and communicated (220) from the 
TAD (10) to the client (12) to a host server (28) for 
verification by a verification decryption server (32). 
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TRUSTED AUTHORIZATION DEVICE 

# BRIEF DESCRIPTION OF THE DRAWINGS 

In the accompanying drawings: 

% FIG. 1 illustrates a block diagram of a trusted authorization device and an associated 

transaction processing system; 

FIG. 2 illustrates a process for providing for a trusted authorization of a transaction from 
the point-of-view of an associated Trusted Authorization Device (TAD); 

FIG. 3 illustrates as data structure used by a process for providing for a trusted 
authorization of a transaction; 

FIG. 4a illustrates an encryption process for generating a set of encryption keys; 

FIG. 4b illustrates a schematic representation of the process illustrated in Fig. 4a; 

FIG. 5a illustrates 3-DES encryption process for generating a set of encryption keys; 

FIG. 5b illustrates a schematic representation of the process illustrated in Fig. 5a; 

FIG. 6a illustrates 3-DES encryption process for encrypting a message; 

FIG. 6b illustrates a schematic representation of the process illustrated in Fig. 6a; 

FIG. 7a illustrates 3-DES decryption process for decrypting an encrypted message; 

FIG. 7b illustrates a schematic representation of the process illustrated in Fig. 6a; 

FIG. 8 illustrates a process for providing for a trusted authorization of a transaction from 
the point-of-view of an associated client computer; 

FIG. 9 illustrates a process for providing for a trusted authorization of a transaction from 
the point-of-view of an associated host computer; 

FIG. 10 illustrates a process for providing for a trusted authorization of a transaction 
from the point-of-view of an associated Verification Decryption Server (VDS); 

FIG. 11a illustrates a key loading process from the point-of-view of an associated Key 
Loading Unit (KLU); 

FIG. lib illustrates a schematic representation of the process illustrated in Fig. 11a; 

FIG. 12a illustrates a key loading process from the point-of-view of an associated 
Trusted Authorization Device; 

FIG. 12b illustrates a schematic representation of the process illustrated in Fig. 11a; 

FIG. 13 illustrates a re-keying process from the point-of-view of an associated Key 
Loading Unit (KLU); 

FIG. 14 illustrates a re-keying process from the point-of-view of an associated Trusted 
Authorization Device; 
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FIG. 15 iffrates a re-keying process from the point-of-view of an associated Trusted ^ 

Authorization Device; authoriza tion of a transaction 

FIG. 16 illustrates a process for providing tor a iru» 
from the point-of-view of an associated Trusted Authorization Device; 

fIg 17 illustrates a process for providing for a tested authorization of a transaction 
from the point-of-view of an associated Verification Decryption Server (YDS); 

FIG. 18 illustrates a table of TAD input commands; 

FIG. 19 illustrates a table of TAD language codes; 

„ f , Tin innut command for authorizing data; 
FIG 20 illustrates a structure of a TAD input comma 

nGs . 21 . musses a pi-ex, portion of a da,a — e of a TAD response ,0 

command for authorizing data; Tin resnonse to 

FIG. 21b mus.ra.es an encryp.ed portion of a da,a s.ruc.ure of a TAD response 

command for authorizing data; 

FIG. 23 illustrates a struck of an error response data paclcet from a TAD to a client 
computer if an authorization is either aborted or incorrect; 

♦ r, tad resnonse to command for authorizing data, 
FIG. 24 illustrate a structure of a TAD response 

FIG. 25 ».us.ra,e an example of aTAD data s.ruc.ure a. various processing stages; 
FIG. 26a nius.ra.es a structure of a TAD input command for ioading a re k ev,n g keyset; 

f tad resnonse to a command for loading a rekeying 
FIG. 26b illustrates a structure of a TAD response 

keySet ' f q tad innut command for installing a new working 

FIG. 27a illustrates a structure of a TAD input comman 

keySet ' r * TAD resnonse to a command for installing a new 

FIG. 27b illustrates a structure of a TAD response 

working keyset; & ^ Janguage; 

FIG. 28a illustrates a structure of a TAD input comma 

f . tad resnonse to a command for installing a new 
FIG. 28b illustrates a structure of a TAD response to 

langUaSe '' f a TAD innut command for identifying a TAD to a 

FIG. 29a illustrates a structure of a TAD input comm 

client computer; for .^.^ a TAD 

FIG. 29b illustrates a structure of a TAD response 

to a client computer; 
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FIG. 30a illustrates a structure of a TAD input command for testing a TAD maintenance 
key; 

FIG. 30b illustrates a structure of a TAD response to a command for testing a TAD 
maintenance key; 

FIG. 31a illustrates a structure of a TAD input command for personalizing a TAD; and 
FIG. 31b illustrates a structure of a TAD response to a personalizing a TAD. 



Electronic communications, and the data which traverses those communications, are 
relatively new, as is the technology used to protect electronic data. Existing communications 
protection technologies tend to fall into two categories. The first, government sponsored, is 
generally very well thought out and provides excellent protection, but is not readily available 
for commercial applications. The second, de facto commercial, are mostly not strong enough 
to protect important information, or are dedicated to specific functions. For example, 
standard point-of-sale devices are dedicated to merchandizing applications, and existing 
ATM systems are dedicated to the dispensing of cash. 

There exists a need for a device to provide personal protection of electronic data that 
is small, easy to use, provides excellent protection to the PC/laptop user, and that can operate 
in conjunction with corresponding devices at a central data gathering point to provide near 
real time validation of the information. 

As one example, involving financial transactions over the internet by a user, a 
financial institution may desire an enhanced level of security so as to verify that the user is 
who they say they are and that they have truly authorized a particular transaction. As another 
example, in a business-to-business environment, a paycheck processing company needs to 
know with virtual certainty the authenticity of instructions from associated business clients 
for making payroll distributions. As yet another example, in a gaming environment, a user of 
internet gaming services may wish to transfer funds from a credit card to a gaming card so as 
to participate in internet gaming, a transaction for which the credit card issuer generally 
demands authentication of the user and verification of the transaction so as to avoid a later 
repudiation of the transaction by the user. 

Referring to Fig. 1, a Trusted Authorization Device 10 (or TAD) is operatively 
connected to an untrustworthy client 12 (for example, a personal computer or workstation 
PC) operated by a user 14. The TAD 10 provides a trustworthy subsystem that allows the 
authorization of electronic data transactions or actions while electronically connected to the 
untrustworthy client 12 platform in a potentially hostile environment. The TAD 10 
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comprises a SL con.ro, processor * a — dispU, » . ^ ^ « 

numeric keypad, or an a,phanumeric aboard,. and a — ^.c, . - -« » 

w ^ort ^ Tn one embodiment, the 1AU iu is <» 
magnetic stripe card, a chip card, a smart cart, etc.). in one em 

Zl JL, — . — ~ — a — — for « - 
JL— of transactions / anions .ha. can * contact., mpm*n«d « 
understand^ f onn. The TAD 1. is operative* connect to me C - 1 2 w* 

u «\ ia for example a serial telecommunications (Rb-lli) 
telecommunications channel 24, tor example, * 

£ZL is — ■» - — — process. ,6 A ~ 
H 24 tha, is hardwired direct,, to *a Cent 12 and no, ont-of-sigh. .herefrom P-des 

for enhanced security. pvamnle 
The .rusted con.ro. processor 16 and associated memory 26 are, for exalte 
secure* packaged in a tatnpet-ptoof, hardened housing, that if tampered with causes a. ,e*. 
« . Contents of .he TAD tt .0 Cher se.f-destruc. or heconre inoperah.e .and vutuaUy 

ngh. sensor or a pressure sensor or bo*, which wou.d cause .he memory 26 <o be erased 
fin an Ld- de.ec..on of hgh. or pressure change .ha. wouid resu,, from 
ZZ* wim <he housing of .he trusted eon.ro, processor 16 and/or associated memory 
71 Lsted cn.ro, processor ,6 is a dedicated CPU in ,he TAD 1. that comro.s and* 
lages the .rusted dispray 18, .rus.ed Keypad 20. «r„s.ed device render 22, and the 

telecommunications channel 24. 

The trusted control processor 16 provides for the following capabilities: 

1. A unique and well protected ID; 

2 EmbeddeduniqueimplementationofcryptographicalgorithmsCincludingdigest 

' alg orithms, asymmetric encryption with public/private keys and symmetric encryption 
with private/private keys); 

3 Random number generation; 

4. Functional,., to derive unique session keys per transaction from random generate 

5 ctyp^raphic funcionaii.y to enahie signing (diges. and/or pub,ic/priva«e encryption 
keys) and data encryprion (private/private encryption keys) funcdonahty; 

6 AbUity to pro.ee. .he TAD encryption keys from observation or aheration Thrs 
Lowes on-chip hardening and sys,em au.o-destntc, funcionaiity in even, of tamper 
de.ec.ion. Tamper detection sensing is embedded in the TAD 10; 
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7. Ability to display proposed transactions supplied from host and loadsupplied 
information into appropriate data structures for transmission; 

8. Ability to capture and load data from integrated TAD devices; 

9. Client PC interface, trusted keypad, trusted device reader, e.g. card reader; 

10. Optional camera, biometric input devices, and/or GPS receiver; and 

11. Ability to integrate all authorized information into a transaction data structure, 
digitally sign this data structure, strongly and uniquely encrypt the appropriate 
portions of the structure, and transmit this data structure to the host for further 
transmission. 

The trusted display 18 is, for example, a separate display constrained by trusted 
control processor 16 and not subject to intercept, control or modification by a host system. 
The trusted display 18 displays the transaction or authorization to be performed, for example 
in a compact embodiment, on a 4 line by 20 character screen. 

The trusted keypad 20 is, for example, a numeric key pad (with alpha functionality) 
that is constrained by the trusted control processor 16 and whose data is not subject to 
interception, alteration, or replacement by signals from the client 12. The trusted keypad 20 
is used by a user to enter information and accept or refuse a transaction. 

The trusted device reader 22 is, for example, a magnetic card/smart card reader that 
is constrained to communicate with the trusted control processor 16 and whose information 
is not subject to interception, alteration, or replacement by signals from the client 12.. The 
trusted device reader 22 provides a means for the user 14 to provide proof of possession or 
the associated magnetic card/smart card, and thereby enable the TAD 10 to authenticate the 
transaction request. The trusted device reader 22 may, for example, be a hybrid card reader, 
enabling it to support the usage of chip cards in a trustworthy environment. Such chip cards 
provide an appropriate environment for accessing user-specific public key-enabled 
functionality. 

The client 12 is operatively connected, e.g. via the Internet, to a host server 28 
having a communication interface 30. For example, the host server 28 could be operated 
by a service provider that requires an enhanced level of trust in the authorization of 
transactions or requests by the user 14 running particular application software of the service 
provider, and accordingly, who would provide a TAD 10 to the user 14 for authenticating 
transactions with the necessary enhanced level of trust. 

The host server 28 interfaces with a verification decryption server 32 (VDS), for 
example, via a VDS executive manager 34, and may also, or alternatively, interface with a 
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customer apphfation system 36 running associated application software, and also interfaced ^ 
with the VDS 32. 

Each TAD 10 is provided with a unique alphanumeric ID (TADID.A) and a unique 
and well-protected binary ID (TADID_B), each of which are stored in memory 26. The 
alphanumeric ID (TADID.A) is also visible on the outside of an associated housing of the 
TAD 10 for purposes of identifying the particular device, for example for purposes of 
maintenance or physical distribution control. The associated trusted control processors 16 
are also provided with embedded unique implementations of cryptographic algorithms, 
including at least one algorithm for generating a signature - which may include a digest 
process - (e.g. asymmetric encryption with public/private keys) and at least one algorithm for 
encrypting data (e.g. symmetric encryption with private/private keys), the later of which 
relies upon associated keys that are stored in the TAD 10 by a key loading unit 38 (KLU). 

Referring to Fig. 2, in operation, in step (202) the untrustworthy client 12 downloads 
a proposed transaction or action to the TAD 10 for authorization, for example at the request 
of the user 14. Then, in step (204), the user 14, viewing the trusted display 18 and using 
the trusted keypad 20, pages through the proposed transaction, thereby providing a basis of 
trust for the action to be authorized. When the user 14 wishes to authorize the transaction, the 
user 14 can accept the transaction by pressing the appropriate key, or sequence of keys, on 
the trusted keypad 20. The user 14 may then further couple a unique physical token 40 - 
e.g. a magnetic stripe card 40.1 or a smart card 40.2 - to the trusted device reader 22, 
and then enter a personal PIN number associated therewith on the trusted keypad 20, 
thereby authenticating the identity of the user 14. Alternately, or in addition, the TAD 10 
may require the user 14 to enter a PIN number associated with the TAD 10. 

Then, in step (206), if the user 14 authorizes the transaction, then the trusted control 
processor 16 stores the displayed first information, the captured card information, and all 
other necessary information (e.g. PIN, location from an associated trusted location device e.g. 
GPS receiver, etc) as second information in an associated data fields of an associated data 
structure 42, e.g. illustrated in Fig. 3, wherein the second information is responsive to, or a 
function of the first information, and may comprise a copy of the first information. 
Otherwise, from step (206), the process repeats with step (202), wherein the TAD 10 awaits 
further input from the client 12. Then, in step (208), a random number generator 44 - e.g. 
within the trusted control processor 16 - generates a random number R, which may be 
either a pseudo-random number, or a true random number, for example, generated responsive 
to a noisy physical process. The TAD 10 may also access and increment a transaction 
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counter, although this step is not essential. Then, in step (210), the trusted control 
processor 16 generates second information that is responsive to the first information 
displayed to the user, and which further incorporates the random number R and a first 
identification code of the TAD 10, e.g. the alphanumeric-ID (TADID_A). Then, in step 
(212) the trusted control processor 16 generates a digital signature of the second 
information - thereby providing a basis for authorization and non-repudiation of the 
transaction — using a first encryption process, for example, an irreversible digest algorithm 
(e.g. an asymmetric encryption algorithm). Then, in steps (214) and (216), the trusted 
control processor 16 respectively retrieves a set of stored working keys K wl , K w2 , K w3 from 
the memory 26, and generates a set of transaction-specific session keys Ksl, Ks2, Ks3 using 
a second encryption process - generally illustrated in Figs. 4a, 4b, and illustrated for a 3-DES 
encryption process in Figs. 5a and 5b — using the random number R as a seed. The 
working keys Kwl, Kw2, Kw3 are stored in the memory 26 by a key loading process 
described hereinbelow. Then, in step (218), trusted control processor 16 generates third 
information by encrypting the combination of the second information from step (210), and 
the associated signature from step (212), using a third encryption process, for example a 3- 
DES encryption process as illustrated in Figs. 6a and 6b. Then, in step (220), the data 
structure 42 comprising the plaintext random number R, the plaintext alphanumeric ID 
(TADID_A), and the third information is communicated to the client 12, and communicated 
thereby to the host server 28. The host server 28 sends the data structure 42 to the VDS 
32 for decryption and signature verification thereby, and if authenticated by the VDS 32, the 
transaction is processed by either the host server 28 or the associated customer application 
system 36.. If a transaction counter is used, the value of the transaction counter would be 
incorporated in the second information (which is signed), and may also be incorporated as 
plaintext in the data structure 42. 

For example, if the user is interfaced with the host server 28 is via an Internet 
browser, a user may select, via the browser, a transaction to be conducted - for example, the 
transfer of funds from an account accessed via a standard financial card or a transaction 
within a custom domain. The browser then uses associated TAD 10 interface software to 
transfer the proposed transaction and instructions to the TAD 10 for authorization. 

Referring to Fig. 8, from the point of view of the client 12, the above described 
process commences in step (802), wherein the user 14 initiates a transaction on a client 12 in 
communication with the host server 28. For example, the user 14 initiates a transaction on 
the Internet involving a purchase that the user 14 wishes to finance by a credit card, i.e. a 
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magnetic S card 40.1. In step (804). response ,o .he host server 28 requesting a 
.rusteti authorization of the transaction, a fits, information to be authorized is commun.cated ^ 
,o the TAD 10, and in step (806), if the user 14 has authorized the transaction using the TAD 
10, the client 12 receives the associated data structure 42 from the TAD 10, and. in step 
(808), communicates this to the host server 28. 

Referring to Fig. 9, from the point of view of the host server 28, in step (902), the 
host server 28 receives .he data structure 42 from the die* 12, in step (904), ex.racrs .he 
arphanumeric ID (TAD1D_A) from .he plaintext portion of the data structure 42 and uses 
a lookup process to find an associated set of VDS encrypted TAD working keys Kvos..„ K 
VDS M , K vus - that are encrypted using a VDS key that is no. known by the host server 28^ 
Then in step (906), the VDS encrypted TAD working keys Kvos_»r. K vos..*, K vo S _.s and 
,„e data structure 42 are commanded by the host server 28 to the VDS 32, responsive ro 
which, in srep (908), the host server 28 receives a verification status from Ure VDS 32, and 
in step (910), the host server 28 communicates this verification status to the chent 12. 

Referring to Fig. 10, from the point of view of .he verification decryption server 32 
(VDS) in step (1002), the verification decryption server 32 receives the VDS encrypted 
TAD working keys Kvos.wr, K vns..t, K vus.., and rhe data structure 42 from .he host 
server 28. Then, in step (1004), .he VDS 32 decrypts .he VDS encrypted TAD workrng 
keys Kvns..., Kvns..t, Kvns.-s using assorted VDS keys Kvnsr, K vo*. K vos, s»redon 
me VDS 32 and .oaded thereon by the ke, .oading unit 38. Then, in step (1006), Ure VDS 
32 extracts the p.ain.ex, random number R from the data structure 42, and in step (1008), 
uses the random number R as a seed, together with the decrypted TAD working keys K„„ 
K„„ K. s from step (1004) to generate - by a key generating process 500 as Unrated in 
Figs 5a and 5b - a set of session keys Ksl, Ks2, Ks3 that are used in step (1010) to decrypr 
,he encrypred portion (i.e. the second information) of One data structure 42, for exampie, rn 
accordance with a 3-DES decryption process as illustrated in Figs. 7a and 7b. Then, ,n step 
(1012) the VDS 32 generates a signature of the second information using the same first 
encryprion process as had been used in the TAD 10, and in srep (1014). if the extracted 
decrypted signature from step (1010) is the same as the generated signature from step (1012), 
rhen in step (1016), the verification process is successful, and in steps (1018) and (1020), the 
information responsive ro the firs, information is extracted from the second infonnanon, and 
rnen communicated to .he customer application system 36 to complete the .ransac.ion, after 
which the customer application system 36 notifies the hos. server 28 that the transaction 
has been completed successfully. Then, in step (1022), the verificarion status ,s 
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communicated by the VDS 32 to the host server 28. If, from step (1014), the generated 
signature is not equal to the extracted, decrypted signature, then, in step (1024), the 
verification process is unsuccessful, and this verification status is communicated to the host 
server 28 in step (1022). 

The TAD 10 incorporates three sets of stored keys that are used in various encryption 
processes, 1) a set of read-only firmware keys K F i, Kp2, Kp3, 2) a set of rekeying keys 
Krki, Krk2, K RK3 that are initially loaded on the TAD 10 by the key loading unit 38, and 3) 
a set of working keys K wi , K w2 , K w3 that are loaded on the TAD 10 during a rekeying 
operation by the key loading unit 38, either directly connected to the TAD 10, or remotely 
via a mailed floppy disk. The TAD 10 uses the working keys K w i, K w2 , K w3 to generate the 
transaction-specific session keys Ksl, Ks2, Ks3 in accordance with a key generating 
process 500, as described hereinabove. The key loading unit 38 loads the rekeying keys 
Krki, Krkz, Krkj and the working keys K w! , K w2 , K W 3 on the TAD 10 by transferring an 
encrypted key seed to the TAD 10, after which the TAD 10 generates the respective keys 
using a key generating process 500, in which the TAD 10 and the key loading unit 38 each 
utilize prearranged secret keys to encrypt the key seed. For example, both binary. ID 
(TADIDJB) and the firmware keys K F1 , K F2 , K F3 are known to both the TAD 10 and the 
key loading unit 38, wherein the key loading unit 38 is able to determine the binary ID 
(TADIDJB) from a lookup process, given the alphanumeric ID (TADID_A) of the TAD 
10. Accordingly, both the key loading unit 38 and the TAD 10 can independently use the 
key generating process 500 ~ with the binary ID (TADID_B) as the seed (with 
S1=S2=S3= TADID_B) and the firmware keys K Fi , K^, K F3 as the generating keys — to 
generate a set of maintenance keys maintenance keys Kmi, K M2 , K M 3- The key loading 
unit 38 then uses the maintenance keys Kmi, Km2, K M 3 to encrypt a rekey random number 
RkR, which is then transferred in encrypted form to the TAD 10, which then decrypts the 
rekey random number RkR and uses this as a seed, together with the maintenance keys 
K M i, K M2 , K M 3 as generating keys, to generate the rekeying keys Krki, K RK2 , K RK 3 
Similarly, the key loading unit 38 can use the same rekey random number RkR as a seed, 
and the same maintenance keys K M i, Km2, K M 3 as generating keys, to independently 
generate identical rekeying keys K RK i, K RK 2, K RK 3. Then, the key loading unit 38 can use 
the rekeying keys Krki, Krk2, K RK 3 to encrypt a working key random number that is 
transferred to the TAD 10 to be used thereby as a seed in accordance with the key 
generating process 500 to generate the TAD working keys K w i, K w2 , K w3 , wherein the 
rekeying keys Krki, Krk2, K RK 3 are used as associated key generating keys. The key 
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loading unites used to load the VDS encrypted TAD working keys K VD s_wi, K vd S _ W 2, 
K yds w3 on the VDS 32, using VDS keys for the encryption, after which the TAD rekeying 
keys K RK „ K RK 2, K rk3 and TAD working keys K w „ K w2 , K w3 are destroyed on the key 
loading unit 38 so that the key loading unit 38 cannot become a single point source of 
security failure. 

The process by which the key loading unit 38 transfers and encrypted key seed to the 
TAD 10 is illustrated in Fig. 11a, and is represented schematically in Fig. lib. 

The process by which the TAD 10 receives the encrypted key seed from the key 
loading unit 38 and decrypts the key seed is illustrated in Fig. 12a, and is represented 

schematically in Fig. 12b. 

The process by which respective key seeds for the rekeying keys Kma, Krki, K RK3 
and the working keys K wl , K w2 , K w3 are respectively generated and encrypted by key 
loading unit 38, and transferred to the TAD 10, is illustrated in Fig. 13. 

The process by which respective key seeds for the rekeying keys Krki, Krk2, Krk3 
and the working keys K wl , K w2 , K w3 are received by the TAD 10 and used to generate the 
respective rekeying keys K RK „ Ku* K RK3 and working keys K wl , K w2 , K w3 , is illustrated 
in Fig. 14. 

Referring also to Fig. 15, the key loading unit 38 provides for manual key 
distribution and management services using a limited set of commands. The TAD uses the 
maintenance key to decrypt the re-keying keys. This operation should be done locally via a 
direct connection to the key loading unit. 

The TAD relies upon a set of 3 DES re-keying keys to load the unit keys that the unit 
relies upon. These re-keying keys are installed in the TAD 10 by the key loading unit 38 via 
the TAD maintenance keys, which are internally generated in the TAD by the interaction of 
the TAD firmware keyset (which is common to all the TAD's in a production lot) with a 
TAD-specific 64 bit Binary ID, TADID_B. The three maintenance keys are generated by 
permuting the order of the firmware keyset in a triple DES EDE encryption of the BID, i.e. 
Kml = E K f,(D K f2(EK(3 VAPID g))), 
Km2 = E K n(DKf2(EKfi (TADID_B))), 
Km3 = E K rc(D K n(EKf3 (TADID #))), 

(wherein E and D respectively represent the encryption and decryption sub-processes 
of a symmetric encryption process, e.g. triple DES (3 DES). Kf 1 is the first firmware key. 
Kml is the first maintenance key. etc. 
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Using the above processes the TAD can generate the TAD-specific maintenance 
keyset. Similarly, the keyloader, which knows the firmware keys and the BID can also 
generate and use the TAD-specific maintenance keyset. Thus, the keyloader can load the re- 
keying keys into the TAD. 

Using the maintenance keys Kml, Km2, Km3, the re-keying keys K RK i, K RK 2, 
K R K3 are generated therein by execution of a load re-key command (a rekey command with 
no re-keying keys is assumed to be a load re-key command), having a command structure is: 

Clear text portion 

Re-key Command 4 bytes (OXFFFFFFFF) 

Re-keying block length (multiple of 8 bytes) 4 bytes 

Random number Rk 24 bytes 

Encrypted portion 

Random number length 4 

Re-keying random number as specified (initially 24) 

digest prior to encryption as appropriate 

The size of the structures may vary with system versions. The encryption keys in 
process are the maintenance keys Kml, Km2, Km3. Upon receiving a re-key command 
with no re-keying keys, the TAD 10 performs the following functions: 

1 . Check to make sure that the block is the right length (if wrong, return a failure code and 
clear the block); 

2. Calculate the session keys, using the random number Rk provided in the clear text 
portion, as follows: 

a. Take the first 8 bytes of the session_random number, Rl_and calculate session key 1 , 

Ksl = E|Cml(DKm2(EKm3 (Rl))) 

(wherein E and D respectively represent the encryption and decryption sub-processes 
of a symmetric encryption process, e.g. triple DES (3 DES); 

b. Take the second 8 bytes of the session_random number, R2_and calculate session key 
2, 

Ks2 = E Km 3(D Km 2(EKnii (R2))); and 

c. Take the third 8 bytes of the session random number, R3 and calculate session key 3, 
Ks3 = E Km 2(DKnii(EKm3 (R3))); 

3. Decrypt the encrypted portion Dks3(Eks2(D Ks i (encrypted portion))) using CBC mode; 

4. Calculate the MD5 hash of the entire block cleartext + decrypted portion (digest block set 
to NULL); 
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5 . CompaJfcn la«d diges, w it b «*- di.es. V wrong. a fai.ur. code ana dear 
key 2, 

K.K2 - OmOWPW (W*S»V. - re . key ,„ g kcy 

8. Take the third 8 by.es of .he re-keying random number, RkR3 and 

3, 

K.K3 = Ek^iTWEk^ (RkR3)». 

The ^-keying command can be issued after .he re-keylng keys K tl> K*. K„ have 

rigCK are gene.a.ed .hcein by — of a re-key command, 

having a command structure is: 

Plaintext portion 

4 bytes (OXFFFFFFFF) 

Re-key Command 

Re-keying block length (multiple of 8 bytes) 4 bytes 

24 bytes 

Random number Rk 

Encrypted portion 

4 

Re-keying counter 

Random number lengm * ^.^ ^ 

Re-keying random number 

as appropriate 

digest prior to encryption 

The associa.ed keying da.a sftucure, for exampfc, does no. have Une ft— of 

hk! bv the TAD 10 and uses the appropriate ones, hence there is no need J 

r ;i r 'f . — - - - — - — - : 

v ir K , hut instead are the re-Keying »r» 
nmcess are not the working keys K w i,K wJ ,K w3) but insiea 

process are noi a tad 10 oerforms the following functions. 

K 3 Upon receiving a re-key command, the TAD 10 performs 
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1 . Check to make sure that the block is the right length (if wrong, return a failure code 
and clear the block); 

2. Calculate the session keys, using the session random number R k provided in the 
plaintext portion, as follows: 

a. Take the first 8 bytes of the session random number, R|, and calculate session 
key 1, K sl : 

K s i = EKri(DKr2(EKr3(Ri))) (wherein E and D respectively represent the 
encryption and decryption sub-processes of a symmetric encryption process, e.g. 
triple DES (3 DES); 

b. Take the second 8 bytes of the session random number, R 2 , and calculate session 



K s2 = EKr3(D K r2(E K ri(R2))); and 
c. Take the third 8 bytes of the session random number, R3 (alternately, R 3 could 
be generated from R| and R 2 by R 3 = Ri XOR R 2 ), and calculate session key 3, 

K s3 : 

K s3 =E Kr2 (DKrl(EKr3(R3))). 

3. Decrypt the encrypted portion Dks 3 (Ek S 2(Dksi (encrypted portion))) using CBC mode; 

4. Calculate the MD5 hash of the entire block plaintext + decrypted portion (digest block 
set to NULL); 

5. Compare calculated digest with received digest (if wrong, return a failure code and 
clear the block); 

6. Check re-keying counter (which is initially set to 0). If less than current re-keying 
counter, return a failure code and clear the block; 

7. Set re-keying counter and compute net unit working keys; 

8. Take the first 8 bytes of the re-keying random number, RkRi and calculate working 
key 1, K w i: 

K wl =E K ri(DKr2(EK r3 (RkRl))); 

9. Take the second 8 bytes of the re-keying random number, RkR 2 and calculate working 
key 2, K w2 : 

K w2 = E K r3(D Kf2 (E K ri(RkR2))); and 

10. Take the third 8 bytes of the re-keying random number, RkR 3 (alternately, R 3 could be 
generated from R| and R 2 by R 3 = Ri XOR R 2 ), and calculate working key 3, K w3 : 

K w3 = E K r2(DKrl(EKr3(RkR 3 ))). 



key 2, K s2 : 
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After the working keys K w i, K w2 , K w3 are initially loaded by the key loading unit 
38, the TAD 10 is placed in service proximate to the client 12 for providing trusted signing 
and authorization of transactions. 

The one or more maintenance test keys are used for diagnosis and maintenance of the 
TAD 10, but generally not for purposes of data encryption. For example, in a diagnostic 
mode, the working keys are replaced with the maintenance keys, and are used to encode a 
dummy transaction, which can then be remotely decoded by maintenance personal to check 
that the TAD 10 is operating properly. 

The data encryption process utilizes a random number R generated by a random 
number generator 44 within the trusted control processor 16 as a seed for an irreversible 
digest process (e.g. an asymmetric encryption process), e.g. MD5, that signs a portion of 
token to be encrypted, and in combination with working keys K w i, K w2 , K w3 created by a 
separate key loading process and stored in memory 26, to generate a set of session keys K s i, 
K s2 , K s3 that are used in a symmetric encryption process, e.g. triple DES (3 DES) using cyclic 
block chaining (CBC) mode, to encrypt the signed message. The trusted control processor 
16 also has a set of re-keying keys K rU K r2 , K r3 that are generated by the key loading unit 
38 in direct connection with the TAD 10 and stored in memory 26. The re-keying keys K rl , 
K r2 , K r3 thereafter enable the working keys K w i, K w2 , K w3 to be update remotely, for 
example, with new working keys K w i, K w2 , K w3 provided to the user 14 over a controlled 
path, e.g. via a floppy disc provided by mail or courier. 

Referring to Figs. 18, 19, 20, 26a, 27a, 28a, 29a, 30a, and 31a, the TAD 10 is 
controlled responsive to various types of TAD input commands that are communicated to the 
TAD 10 either by the client 12 or the key loading unit 38 over the telecommunications 
channel 24. Figs. 20 illustrates the syntax of a command by a client 12 to authorize the 
signing and encryption of data in accordance with the normal operation of the TAD 10. Fig. 
26a illustrates the syntax of a command by a client 12 or the key loading unit 38 to re-key 
the TAD 10. Fig. 28a illustrates the syntax of a command by a client 12 or the key loading 
unit 38 to insert a new language in the TAD 10, by which messages are displayed on the 
trusted display 18. For example, the TAD 10 is configured for selectable predefined 
languages of English, French, German or Spanish, and is provided with the capability of 
loading other languages/character sets, e.g. of Asian languages. 

The TAD 10 has a straight forward interface with the client 12, for example, 
supporting the following three commands from the client: 

Identify - which returns a text string, the TAD ID#, and the TAD version number. 
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Process_Transaction - which accepts a proposed transaction, if successful, returning 
a transaction packet 

Secure_Transaction - The TAD will display the commands to initiate the card swipe, 
transaction digest and encryption. The TAD command interface is as follows: 
Command 4 bytes 

Data length 4 bytes 

Data as specified 

If no data or result is present, the length is set to 0. 

Referring to Fig. 16, the TAD 10 provides trusted authorization of transactions in 
accordance with the following process: 

1 . Client downloads transaction (a compact, < 80 character string) to the TAD 10 in 
accordance with the command structure illustrated in Fig. 5a.. 

2. User observes displayed transaction and verifies that it is correct. 

a. If so, the user presses the GO/ ACCEPT key. 

b. If not, the user presses the STOP/REJECT key. 

3. If rejected, the TAD 10 signals the client and returns a "reject" code. 

4. If accepted, the TAD 10 displays the downloaded instructions to the user. 

5. The user following the instruction, 

a. swipes/enters the specified card, 

b. enters their secret PIN and, 

c. presses the GO/ACCEPT key, 

d. Pressing the STOP/REJECT key clears the transaction. 

6. If rejected, the TAD 10 signals the client and returns a "reject" code. 

7. If the transaction was accepted, the TAD 10 

a. digitally signs the captured card data and the PIN, 

b. packages this information with the transaction, 

c. appropriately encrypts the sensitive data, and 

d. prepares the transaction packet 

8. The TAD 10 notifies the client of success and transfers the prepared transaction 
packet, or TAD Output Token, to the client, structured as indicated in Figs. 21a, 21b, 
and 24, and by example in Fig. 25. 

The data is read in wire order. 
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Th e t!R 0 is no, Mmited ,o a particniar type o, encryption. The foilowng taoie 
indicates an exampie of various aigornhms that can *e used for signing and encrypt 

Packet Digest Identifier 
QD 3 DES CBC digest using packet working key set 

1D MD5 
2D MD160 
SHAl 

Packet Encryption Algorithm ID 

3 DES CBC using packet working key set 
1 DES using key 1 of packet working key set 
The client 12 then transmits this to the appropriate host server 28. The transaction 
r,d bv the TAD 10 will pass through the communications network and then receded 

D (TAD D A) nation number, and corresponding uni.ue working keys K K , 

K ,T. an encrypted form. When the host server 28 receives a transaction from the Cent 12 

ed by the user 14, the host uses the alphanumeric ID (TADID_A) to retneve th 
operated by the user ^ encrypted 

associated encrypted working keys K wl , K w2 , K w3 . The host P 

, ir K K i and the encrypted transaction to the verification decryption 
working keys K w „ K w2 , K w3 have to ^ of 

Dr therebv operating in a stateless mode. The vus m u 

r-rrr — - - rrr - ■ - — 

■c- , Ti,» nrr^ses handled by the VDS 32, tor example, »>uu 
transaction for verification. The processes nana.eu y 

following: 

Read the supplied data block 
Read TAD ID 

Look up decryption key value 

Parse encrypted key data structure wnrki „„ keys 

A VDS 32 has the decryption keys needed to decrypt the encrypted working ta£ 
K K i K 3 The host server 28 passes the encrypted working keys K w „ K w2 , K w3 
Vd's J 1 the following data format, for example, having a structure that is more general 
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than that required to handle to initial implementation of 3 DES keys so as to be able to handle 
different secret or public key algorithms, as appropriate: 

Plaintext portion 
Element Identifier Element Length 

TAD Unit ID 8 bytes 

Key structure length 4 bytes 

Packet Digest Identifier 2 bytes 

Packet Encryption Algorithm ID 2 bytes 

Random number 16 bytes 

Encrypted portion 
Element Identifier Element Length 

TAD keys packet length - (32+digest) 

digest prior to encryption as appropriate 

The duplication of databases may be prevented by storing the wrapped TAD keys 
with the TAD and user data in the host server 28. 

The use of two sets of unique DES key triplets: the unit re-keying key set, and the unit 
working key set, helps to reduce the processing and storage requirements that would 
otherwise be required with public key technology. The unit's re-keying key set is the basic 
key set for the unit. It can only be used with a single command, an encrypted command 
generated by the keying/re-keying server that causes the TAD 10 to generate the working 
keys K w i, K w2 , K w3 that are used in all security operations. 

The key loading unit 38 and host server 28 are trusted with the either the binary ID 
(TADID_B) or the working keys K w! , K w2 , K w3 , an accordingly are, for example, 
implemented so as to provide substantial assurance of the integrity of the storage and 
processing of these keys, for example, based upon Getronics (formerly Wang) STOP 
platforms (NSA evaluated B3). The associated communications protection devices are 
examined by trusted third parties so as to provide independent assurance concerning the 
device properties and characteristics. 

The TAD 10 has been adapted to incorporate other devices into its trust perimeter 
such as a GPS receiver 46 and may be adapted to incorporate other devices, such as a 
signature input device 48, one or more biometric input devices 50 (e.g. voice, fingerprint, 
retinal scan), a camera, a breath analyzer 52, and etc. 

Referring to Fig. 1, the security and authenticity of the TAD 10 may be with a GPS 
receiver 46, so as to enable a service provider to ascertain that the user 14 is at the correct 
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prearranged fL Nation for rhe TAD 10, and rhar .he TAD 10 has nor heen reiocated. 
Z is Lfu. 1 certain business —ion, where a TAD 10 U issued ro a spec.fic 
cns.on.er ar a specific >oc,ion. The nse of fhe GPS receiver 48 a„„ws the managers 
system ,o provide s.ro„g assurance of rhe user's .ccafion, as we,, as provide an accurate finte 
vie (e. g . accurate to a mifiisecond or berrer). The coordinares (iatitude J"*"^ 
aUitudc) from the GPS receiver 48 are suucd in an associared fie.d, e.g. F,e,d »5 of he TAD 
Output data srrucrure „,us.ra,ed in Fig. 24. and are therefore signed and encrypt a*ng w.th 
1 1st of ,he encrypted portion of rhe TAD Ourpu, data srructure. According,,, ,heserv,~ 
provrder inCude a test of the decrypred position coordinares o, .he TAD 1. from Ore GPS 
receiver 46 in deciding wherher or no. ro carry out the transaction revested by .he user WL 

Whereas the TAD ,0 is Unrstrated as a separare device, it shouid he undersrood tha 
the TAD 10 could be embedded in the cHe„. 12. Furthermore, whereas rhe Key ,oad.ng - 
38 is iUusrrared as a singie workstation within the trusred environment of the h.s, server 28 
and verification decrypt server 32, it shoufd be undersrood rha, the Key K^ng - » 
couid be cons.ruc.ed as a portabie unit that can be moved to .be sue o, me TAD 10 by 

the art wil. appreciare .bar various modrficarions and aUemarives ro .hose derads could be 
IveToped in gh, of rhe overaU .cachings of rhe disdosute. Accordingiy, the partrcular 
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-18- 



WO 02/079960 



PCT/US02/10353 



WE CLAIM: 



1. A method of providing for a trusted authorization of a transaction, comprising: 

a. providing for communicating with a first computer; 

b. providing for displaying first information to be authorized on a trusted display of a 
trusted authorization device, wherein said first information to be authorized is 
provided by said first computer; 

c. providing for receiving an authorization command from a trusted keypad of said 
trusted authorization device, wherein said authorization command is related to said 
first information; and 

d. if said authorization command provides for authorizing said first information, then 
providing for a set of operations by a trusted processor of said trusted authorization 
device, said set of operations comprising: 

i. generating a random number; 

ii. generating second information that is responsive to said first information to be 
authorized, wherein said second information further incorporates both said 
random number and a first identification code associated with said trusted 
authorization device, wherein said first identification code is stored on a trusted 
memory of said trusted authorization device; 

iii. generating a signature of said second information, wherein said signature is 
generated by a first encryption process; 

iy.. generating a set of session keys by a second encryption process, wherein said 
second encryption process is responsive to said random number and to a set of 
stored working keys, and said set of stored working keys are stored on said 
trusted memory of said trusted authorization device; 

v. generating third information by encrypting said second information and said 
signature using a third encryption process that is responsive to said set of 
session keys; and 

vi. communicating to said first computer said random number, said first 
identification code, and said third information, wherein said random number and 
said first identification code are communicated in plaintext. 

2. A method of providing for a trusted authorization of a transaction as recited in claim 1, 
further comprising providing for receiving a personal identification code from a user, 
wherein said personal identification code is incorporated in said second information. 
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3. A methodof providing for a trusted authorization of a transaction as recited in claim 2, 
wherein said personal information code comprises a code entered with a trusted keypad of 
said trusted authorization device. 

4. A method of providing for a trusted authorization of a transaction as recited in claim 2, 
wherein said personal information code is responsive to a biometric input from a user 
entered with a trusted biometric input device. 

5. A method of providing for a trusted authorization of a transaction as recited in claim 2, 
wherein said personal information code is responsive to a signature input from a user 
entered with a trusted signature input device. 

6. A method of providing for a trusted authorization of a transaction as recited in claim 2, 
wherein said personal information code is responsive to a voice input from a user entered 
with a trusted microphone. 

7. A method of providing for a trusted authorization of a transaction as recited in claim 2, 
wherein said personal information code comprises a digest of at least one of a biometric 
input from a user entered with a trusted biometric input device, a signature input from a 
user entered with a trusted signature input device, and a voice input from a user entered 
with a trusted microphone. 

8. A method of providing for a trusted authorization of a transaction as recited in claim 1, 
further comprising providing for receiving a personal identification code from a user, 
wherein the operation of providing for said set of operations by a trusted processor of said 
trusted authorization device is responsive to whether said personal identification code 
corresponds to a stored personal identification code, said stored personal identification 
code is stored in said trusted memory of said trusted authorization device, and said stored 
personal identification code is associated with an authentic user of said trusted 
authorization device. 

9. A method of providing for a trusted authorization of a transaction as recited in claim 8, 
wherein said personal information code comprises a code entered with a trusted keypad of 
said trusted authorization device. 

10. A method of providing for a trusted authorization of a transaction as recited in claim 8, 
wherein said personal information code is responsive to a biometric input from a user 
entered with a trusted biometric input device. 

11. A method of providing for a trusted authorization of a transaction as recited in claim 8, 
wherein said personal information code is responsive to a signature input from a user 
entered with a trusted signature input device. 
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12. A method of providing for a trusted authorization of a transaction as recited in claim 8, 
wherein said personal information code is responsive to a voice input from a user entered 
with a trusted microphone. 

13. A method of providing for a trusted authorization of a transaction as recited in claim 8, 
wherein said personal information code is associated with said trusted authorization 
device. 

14. A method of providing for a trusted authorization of a transaction as recited in claim 8, 
wherein said personal information code comprises a digest of at least one of a biometric 
input from a user entered with a trusted biometric input device, a signature input from a 
user entered with a trusted signature input device, and a voice input from a user entered 
with a trusted microphone. 

15. A method of providing for a trusted authorization of a transaction as recited in claim 1, 
further comprising providing for receiving fourth information from a physical token in 
possession of a user and incorporating at least a portion of said fourth information in said 
second information. 

16. A method of providing for a trusted authorization of a transaction as recited in claim 15, 
wherein said physical token is selected from a credit card, a debit card, and a smart card. 

17. A method of providing for a trusted authorization of a transaction as recited in claim 16, 
wherein the operation of receiving fourth information from a physical token comprises 
reading said fourth information from said physical token using a trusted reader. 

18. A method of providing for a trusted authorization of a transaction as recited in claim 17, 
wherein said fourth information is stored on a magnetic strip of said physical token, and 
the operation of receiving fourth information from a physical token comprises reading 
said fourth information from said magnetic strip using a trusted magnetic card reader. 

19. A method of providing for a trusted authorization of a transaction as recited in claim 15, 
further comprising providing for receiving a personal identification code from a user, and 
incorporating said personal identification code in said second information, wherein said 
personal information code is associated with said physical token. 

20. A method of providing for a trusted authorization of a transaction as recited in claim 15, 
further comprising providing for receiving a personal identification code from a user, 
wherein said personal information code is associated with said physical token, the 
operation of providing for said set of operations by a trusted processor of said trusted 
authorization device is responsive to whether said personal identification code 
corresponds to a stored personal identification code stored in said physical token, and said 
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21 Tlthod of providing for a .rusted authorization of a transaction as recited in Cairn 1. 
llin said random number is a true random number, and said true random number ,s 
responsive to a physical process. 

22. A method of providing for a trusted and— n of a transaction as reeded tn *m 1, 
wherein said second infonnadon comprises at leas, a portion of said firs, tnfonnauon. 

23. A method of providing for a .rusted authorization of a .ransac.io„ as recHed ,n c.atm 1. 
further comprising: 

a incrementing a transaction counter; and 

b incorporate the vaiue of said .ransacion coun.e, in said second informal. 

24 A merited of providing for a trttsted au.hor.za.ion of a transaction as .cued m Cam, 2* 
Lher comprising communicating in piaintez, .0 sa,d firs, computer .he vaiue of sa,d 

transaction counter. . ^ 

25 A method of pmviding for a trusted au.horiza.ion of a paction as recued ,n clatm 1. 
further comprising providing for receiving iocafion information from a .msred iocatton 
device and lotporating said iccation infomtadon in said second informal, wherem 
said iocation information is re,a.ed .o ,he ioca.ion of said .rusted aumorizafion dev- 

2«. A method o, providing for a .mated authorization of a .ransacion as raced ,n drum 25, 
wherein said masted iocadon device comprises a .rusted OPS rece.ver. 

27. A method of providing for a .rusted au.horiza.ion of a .ransacon as met, dmc ,rt 1 
.herein said firs, encryption process comprises a Data Encrypnon Standard (DBS) cyci c 
Mock code (CBC) manipulation de.ec.ion code (MDC) using said random number as 

initial vector. . . . . t 

2* A memod of providing for a .rusted au.horiza.ion of a transaction as rect.e ,n c.a.m 1 
wherein said L eneryp.ion process comprises a diges. aigonthm se.ec.ed from MD5 

2, Tm^od'of providing for a trusted au.horiza.io„ of a transact as recited in ciaitn ,U 
Item said firs, encryption process comprises a Pubiic Key infras.mc.ure (PKB 
encryption aigorimm using a priva.e key .ha. is associated wi,h either 
Ilorization device or a physica, token a, ieas, temporariiy operative,, connected osa, 
trust ed authorization device, wherein said firs, encryption process operates on a d.gest 
said second information. 
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30. A method of providing for a trusted authorization of a transaction as recited in claim 1, 
wherein said second encryption process comprises a symmetric encryption of said 
random number using said set of working keys that are stored in said trusted memory of 
said transaction authorization device. 

31. A method of providing for a trusted authorization of a transaction as recited in claim 30, 
wherein said working keys are generated by a fourth encryption process, and said fourth 
encryption process is responsive to a second identification code associated with said 
trusted authorization device, and to a set of rekeying keys stored in said trusted memory 
of said trusted authorization device. 

32. A method of providing for a trusted authorization of a transaction as recited in claim 1, 
further comprising communicating in plaintext to said first computer at least one 
encryption algorithm identification code associated with at least one of said first 
encryption process and said third encryption process. 

33. A method of providing for a trusted authorization of a transaction, comprising: 

a. providing for initiating a transaction on a first computer responsive to at least one 
input from a user; 

b. providing for communicating first information to a transaction authorization device, 
wherein said first information is related to said transaction, and said transaction 
authorization device is operatively connected to said first computer; 

c. providing for receiving a data structure from said transaction authorization device, 
wherein said data structure is responsive to said first information, said data structure 
comprises a random number, a first identification code, and third information, said 
third information comprises an encryption by a third encryption process of both 
second information and a signature responsive to said second information, a first 
portion of said second information is responsive to said first information, a second 
portion of said second information comprises said random number, a third portion of 
said second information comprises said first identification code, said random number 
is generated by said trusted authorization device, and said first identification code is 
associated with said trusted authorization device; and 

d. providing for communicating said data structure to a host server computer, wherein 
said data structure provides for a trusted authorization of said transaction. 
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34. A method of providing for a trusted authorization of a transaction, comprising: 

a. providing for receiving by a first computer a data structure from a second computer, 
wherein said data structure is responsive to first information, said first information is 
related to a transaction to be authorized, said data structure comprises a random 
number, a first identification code, and third information, said third information 
comprises an encryption by a third encryption process of both second information and 
a signature by a first encryption process responsive to said second information, a first 
portion of said second information is responsive to said first information, a second 
portion of said second information comprises said random number, a third portion of 
said second information comprises said first identification code; 

b. providing for retrieving a set of stored working keys, wherein said operation of 
retrieving is responsive to said first identification code; 

c. providing for generating a set of session keys by a second encryption process, wherein 
said second encryption process is responsive to said random number and to said set of 
stored working keys; 

d. providing for generating second information and fifth information by decrypting said 
third information using said third encryption process that is responsive to said set of 
session keys; 

e. providing for generating a signature of said second information, wherein said 
signature is generated by said first encryption process; 

f. providing for comparing said signature with said fifth information; and 

g. if said signature matches said fifth information, then providing for acting upon said 
second information. 

35. A method of providing for a trusted authorization of a transaction as recited in claim 25, 
further comprising providing for transmitting to a third computer said random number, a 
set of encrypted working keys for said third encryption process and said third 
information, and receiving from said third computer a result, wherein said set of 
encrypted working keys is responsive to said first identification code, said set of 
encrypted working keys are encrypted with a set of keys of said third computer, the 
operation of providing for acting upon said second information is responsive to said result 
and said third computer performs the operations of providing for generating said set of 
session keys, providing for generating said second information and said fifth information, 
providing for generating said signature of said second information, and providing for 
comparing said signature with said fifth information.. 
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36. A method of authorizing a transaction responsive to a data structure, comprising: 

a. receiving said data structure, wherein said data structure is responsive to first 
information, said first information is related to a transaction to be authorized, said 
data structure comprises a random number, a first identification code, and third 
information, said third information comprises an encryption by a third encryption 
process of both second information and a signature by a first encryption process 
responsive to said second information, a first portion of said second information is 
responsive to said first information, a second portion of said second information 
comprises said random number, a third portion of said second information comprises 
said first identification code; 

b. retrieving or receiving a set of stored working keys, wherein said operation of 
retrieving is responsive to said first identification code; 

c. generating a set of session keys by a second encryption process, wherein said second 
encryption process is responsive to said random number and to said set of stored 
working keys; 

d. generating second information and fifth information by decrypting said third 
information using said third encryption process that is responsive to said set of 
session keys; 

e. generating a signature of said second information, wherein said signature is generated 
by said first encryption process; 

f. comparing said signature with said fifth information; and 

g. transmitting a result of the operation of comparing- said signature with said fifth 
information. 

37. A method of authorizing a transaction responsive to a data structure as recited in claim 
36, wherein said set of stored working keys are encrypted, further comprising decrypting 
said set of stored working keys prior to the operation of generating a set of session keys. 

38. A memory for storing data for access by an application program being executed on a 
computer, comprising a data structure stored in said memory, wherein said data structure 
is responsive to first information, said first information is related to a transaction to be 
authorized, and said data structure comprises 

a. a first data object comprising a random number; 

b. a second data object comprising a first identification code; and 
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c. a thmPdata object comprising third information, wherein said third information 
comprises an encryption by a third encryption process of both second information and 
a signature by a first encryption process responsive to said second information, said 
third encryption process is responsive to a set of session keys that are responsive to 
said random number, a first portion of said second information is responsive to said 
first information, a second portion of said second information comprises said random 
number, a third portion of said second information comprises said first identification 
code. 

39. A memory for storing data for access by an application program being executed on a 
computer as recited in claim 38, wherein said data structure further comprises a fourth 
data object comprising a value of a transaction counter. 

40. A memory for storing data for access by an application program being executed on a 
computer as recited in claim 38, wherein said second information incorporates a value of 
a transaction counter. 
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